An Information Theoretic Perspective on the Differential Fault Analysis against AES
Differential Fault Analysis against AES has been actively studied these years. Based on similar assumptions of the fault injection, different DFA attacks against AES have been proposed. However, it is difficult to understand how different attack results are obtained for the same fault injection. It is also difficult to understand the relationship between similar assumptions of fault injection and the corresponding attack results. This paper reviews the previous DFA attacks against AES based on the information theory, and gives a general and easy understanding of DFA attacks against AES. We managed to apply the analysis on DFA attacks on AES-192 and AES-256, and we propose the attack procedures to reach the theoretically minimal number of fault injections.
Efficient Differential Fault Analysis for AES
This paper proposes improved post analysis methods for Differential Fault Analysis (DFA) against AES. In detail, we propose three techniques to improve the attack efficiency as 1) combining previous DFA methods, 2) performing a divide-and-conquer attack by considering the AES key-schedule structure, and 3) taking the linearity of the MixColumns operation into account. As a result, the expectation of the analysis time in the previous work can be reduced to about one sixteenth. Notice that these improvements are based on the detailed analysis of the previous DFA methods and the calculation time and memory cost in practical implementations. Moreover, the proposed techniques can be widely applied to DFA attacks under different assumptions.